PT-2022-16049 · Unknown · Linux-Loader

Likebreath · Published 2022-12-12 · Updated 2023-06-27 · CVE-2022-23523

CVSS v3.1: 4.0 Medium

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: linux-loader versions prior to 0.8.1

Description: The issue arises when the linux-loader crate uses offsets and sizes from ELF headers to determine read offsets. If these offsets point beyond the file's end, it could lead to an infinite loop in Virtual Machine Monitors using the linux-loader crate, especially if the kernel's ELF header is maliciously modified. The issue can be mitigated by loading only trusted kernel images or verifying that the headers do not point beyond the file's end.

Recommendations: For versions prior to 0.8.1, update to version 0.8.1 to address the issue. As a temporary workaround, consider ensuring that only trusted kernel images are loaded or verifying that the headers do not point beyond the end of the file to minimize the risk of exploitation.
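The header verification named in the workaround can be done before the image reaches the loader. The sketch below is an added example, not code from linux-loader or from the 0.8.1 fix; it assumes an ELF64 little-endian image already read into memory, and the names `check_elf_bounds`, `sample_image` and `BoundsError` are hypothetical.

```rust
// Added example (not linux-loader code): pre-load bounds check, ELF64 little-endian.
#[derive(Debug, PartialEq)]
pub enum BoundsError { NotElf64Le, BadPhdrTable, SegmentPastEof(usize) }
const PHDR_SIZE: u64 = 56; // sizeof(Elf64_Phdr)

/// Reads an n-byte little-endian unsigned integer at offset o.
fn le(b: &[u8], o: usize, n: usize) -> u64 {
    b[o..o + n].iter().rev().fold(0u64, |acc, &x| (acc << 8) | x as u64)
}

/// Returns the program header count if every header-derived range lies inside the file.
pub fn check_elf_bounds(image: &[u8]) -> Result<usize, BoundsError> {
    // 64 = sizeof(Elf64_Ehdr); EI_CLASS must be 2 (64-bit), EI_DATA must be 1 (LE).
    if image.len() < 64 || !image.starts_with(b"\x7fELF") || image[4] != 2 || image[5] != 1 {
        return Err(BoundsError::NotElf64Le);
    }
    let len = image.len() as u64;
    let (phoff, phentsize, phnum) = (le(image, 0x20, 8), le(image, 0x36, 2), le(image, 0x38, 2));
    // The program header table itself must fit in the file (overflow-safe).
    let table_end = phentsize.checked_mul(phnum).and_then(|s| phoff.checked_add(s));
    if (phnum > 0 && phentsize < PHDR_SIZE) || !matches!(table_end, Some(e) if e <= len) {
        return Err(BoundsError::BadPhdrTable);
    }
    for i in 0..phnum {
        let base = (phoff + i * phentsize) as usize;
        let (p_offset, p_filesz) = (le(image, base + 8, 8), le(image, base + 32, 8));
        // Reject p_offset + p_filesz past EOF, including u64 wrap-around.
        match p_offset.checked_add(p_filesz) {
            Some(end) if end <= len => {}
            _ => return Err(BoundsError::SegmentPastEof(i as usize)),
        }
    }
    Ok(phnum as usize)
}

/// Constructed sample image: ELF header, one program header at offset 64, zero padding.
pub fn sample_image(p_offset: u64, p_filesz: u64, total_len: usize) -> Vec<u8> {
    let mut img = vec![0u8; total_len.max(120)];
    img[..6].copy_from_slice(b"\x7fELF\x02\x01");
    img[0x20..0x28].copy_from_slice(&64u64.to_le_bytes()); // e_phoff
    img[0x36..0x38].copy_from_slice(&56u16.to_le_bytes()); // e_phentsize
    img[0x38..0x3a].copy_from_slice(&1u16.to_le_bytes());  // e_phnum
    img[72..80].copy_from_slice(&p_offset.to_le_bytes());  // p_offset
    img[96..104].copy_from_slice(&p_filesz.to_le_bytes()); // p_filesz
    img
}

fn main() {
    println!("{:?}", check_elf_bounds(&sample_image(120, 8, 128)));  // segment inside file
    println!("{:?}", check_elf_bounds(&sample_image(4096, 8, 128))); // segment past EOF
}
```

The check covers every program header rather than only loadable segments, so an image is rejected as soon as any header-derived range leaves the file.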

Exploit

Fix

Out of bounds Read

Infinite Loop

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-23523
GHSA-52H2-M2CF-9JH6

Affected Products

Linux-Loader